aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/so/components/soHelpers/templates/_certificates.tpl
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-10-21 18:15:08 +0200
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-10-22 14:18:25 +0200
commit2954823e469dc10ec45f8170dac5a8041ab3fd44 (patch)
treeaf4ff61b346637c960260a9b1155e42bcf78ca7e /kubernetes/so/components/soHelpers/templates/_certificates.tpl
parent3ed223d7f77b43033fa97d584246db4a386d6b0c (diff)
[SO] Import various CAs in truststore
Per default, SO truststore has only one CA, the ONAP one. But we also need MSB root CA. The process to onboard was broken and this patch solves it We also needs "common root CAs" in order to discuss with other components such as the underneath OpenStack. In this patch we also import all "known" root CA from truststoreONAPall. Issue-ID: OOM-2606 Issue-ID: OOM-2607 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia67bd4aec7a0b122fb9fda11e1e48c4e6e55430c
Diffstat (limited to 'kubernetes/so/components/soHelpers/templates/_certificates.tpl')
-rw-r--r--kubernetes/so/components/soHelpers/templates/_certificates.tpl6
1 files changed, 5 insertions, 1 deletions
diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
index fa25ba5177..ef3b0768f5 100644
--- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl
+++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
@@ -16,7 +16,11 @@
keytool -import -trustcacerts -alias msb_root -file \
/certificates/msb-ca.crt -keystore \
"{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
- -keypass $cadi_truststore_password -noprompt
+ -storepass $cadi_truststore_password -noprompt
+ keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \
+ -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \
+ -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
+ -deststorepass $cadi_truststore_password -noprompt
volumeMounts:
{{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
- name: {{ include "common.name" $dot }}-msb-certificate